IDL Documentation for "SecurityLevel3.SimplePrincipal"

Valuetype SecurityLevel3::SimplePrincipal

valuetype SimplePrincipal :
        truncatable SecurityLevel3::Principal

A Simple Principal represents a single entity. It is usually derived by credentials acquisition, authentication, trust rules concerning quoting, or trust rules and certificates concerning Proxying. It has one extra field over the base Principal, which is "alternate_names".

Value Member Index

alternate_names: This field contains the other name types, such as that appear in the X.509 alternate name fields.
authenticated: This field indicates whether the principal was derived or is going to be derived from an authentication mechanism.

Factory Index

create

Value Members

alternate_names

public PrincipalNameList alternate_names;

This field contains the other name types, such as that appear in the X.509 alternate name fields.

authenticated

public boolean authenticated;

This field indicates whether the principal was derived or is going to be derived from an authentication mechanism.

If the SimplePrincipal is directly or indirectly (as part of a composite Principal) in the ClientCredentials.client_principal or TargetCredentials.target_principal field, the authenticated field indicates the authentication status of the SimplePrincipal in the client or target principal, respectively.

If the SimplePricipal is directly or indirectly in the ClientCredentials.target_principal (or TargetCredentials.client_principal) field, the authenticated field indicates the target's (or client's belief) about its authentication status to the other party.

If the SimplePrincipal is directly or indirectly in the the_principal field of the initiator or acceptor of OwnCredentials, the authenticated field indicates the expectation of being authenticated to the other side of the communication when the initiator or acceptor is used.

If the SimplePrincipal is directly or indirectly in the the_principal field of a PrincipalIdentityStatement, the authenticated field indicates only the "best effort" of knowing whether the principal has been possibly authenticated or not. In other word, if this field is TRUE, it is for sure that the principal has been authenticated (or is expecting to be authenticated). If this field is FALSE, the principal may or may not have been authenticated. The reason for this ambiguity is that a PrincipalIdentityStatement may be created before the authentication of the principal being performed. In general, the authenticated field of a SimplePrincipal inside the the_principal field of a PrincipalIdentityStatement should not be taken as a definite answer for the authentication status of the SimplePrincipal.

See Also:: ClientCredentials.client_authentication; ClientCredentials.target_authentication; TargetCredentials.client_authentication; TargetCredentials.target_authentication


Factories

create

factory create(in PrincipalName the_name,
               in PrinAttributeList environmental_attributes,
               in ScopedPrivilegesList with_privileges,
               in boolean authenticated,
               in PrincipalNameList alternate_names);





Generated by the ORBacus IDL-to-HTML translator